Privacy Policy
Last Updated: May 19, 2026
Fileflow Solutions Inc.("Fileflow", "Clerke", "we", "us", or "our"), operating under the brand name “Clerke,” operates the Clerke service from British Columbia, Canada. This policy describes the personal information we collect from users of the service, how we use it, who we share it with, where it is stored, how long we keep it, and the rights you have over it under Canadian privacy law.
Clerke started as a minute book review tool. The service now also includes entity record management (directors, officers, share classes and shareholdings, significant individuals on the Transparency Register, annual filings), document generation (cover letters, invoices, Central Securities Registers, Transparency Registers), and in-app document signing. This policy applies across the full service.
1. Who we are
Clerke is operated by Fileflow Solutions Inc., a corporation incorporated in British Columbia, Canada, under the brand name “Clerke.” We are in the process of incorporating Clerke Technologies Inc., to which operation of the service will be assigned. Notice of that assignment will be given through the service.
You can contact us about this policy or about your personal information at privacy@clerke.io.
2. What this policy covers
This policy explains:
- What personal information we collect when you use Clerke;
- Why we collect it and how we use it;
- Who we share it with and why;
- Where it is stored;
- How long we keep it;
- How we protect it;
- The rights you have over it under Canadian privacy law.
This policy applies to the Clerke website at clerke.io and the Clerke service accessed through it. It does not apply to third-party services we link to, which have their own privacy policies. This policy applies to information collected from individuals in Canada. Clerke is currently available only to users in Canada.
3. What we collect
We collect the following categories of personal information:
a. Account information
- Your email address (used to log in and receive service communications)
- A password, stored only in hashed form by our authentication provider — we never see, store, or have access to your actual password
- The name of your firm or company
- The date and time your account was created
b. Content you upload — minute book reviews
When you use Clerke to review a minute book, you upload a PDF file. These uploads contain personal information about the individuals named in the minute book — typically directors, officers, shareholders, and other parties to corporate records.
For each upload, we collect the PDF file itself, the original filename, the file size, and the MIME type.
The uploaded minute book PDF is deleted from our systems shortly after we generate your report unless you choose to save the entity to your account for ongoing management. See Section 7 (How long we keep your information).
c. Reports and entity records
When Clerke produces a report from your minute book we store the structured report, the timestamp it was generated, and a link to your user account.
If you save a review as an "entity" in Clerke or create one manually, we store the structured corporate facts you (or AI extraction) enter or confirm: entity identification, registered and records office addresses, directors and officers, share classes and shareholdings, significant individuals (Transparency Register entries under Part 4.1 of the Business Corporations Act (BC)) — which contain sensitive information including residential address, date of birth, citizenship, and tax residency — free-form notes, and annual filing records.
d. Documents and signatures
You may upload additional documents to an entity's minute book (PDF, DOCX, XLSX, JPG, or PNG, up to 50 MB). For each we store the file, the category, filename, size, MIME type, and upload timestamp.
Documents generated by Clerke (cover letters, invoices, registers) are stored as PDFs alongside a SHA-256 hash for tamper-evidence and the input parameters used to generate them. When a document is signed, we store the signature image (PNG), the signer's name at signing, the signer's user ID (if a Clerke user), the method (typed, drawn, or uploaded), the date and time, the IP address, SHA-256 hashes of the unsigned and signed PDF for tamper-evidence, and the signed PDF itself.
e. AI extraction
You may ask Clerke to use AI to extract structured facts from an uploaded document. When you do, the document and a prompt are sent to our AI service provider (see Section 5). The structured output is returned to you for review before it is saved.
f. Activity logs
We keep an append-only audit log of significant actions: user ID, timestamp, action type, IP address, and file metadata (filename, size — never file contents).
g. Billing information
If you subscribe to a paid plan we store your Stripe customer ID, subscription status, and plan tier. We do not collect, see, or store your credit card or banking information— payment details are entered directly into Stripe's hosted checkout.
h. Server logs
Our hosting provider keeps standard server access logs (records of requests made to our servers). These logs are retained for approximately 30 days and used solely for security monitoring and troubleshooting. They do not contain the contents of your uploads or reports.
i. Pre-launch interest leads
If you submit your email through one of Clerke's pre-launch landing pages, we store the email, optional name and firm, role, and an IP address and user agent string for spam prevention. We use this information solely to follow up about the relevant product. Leads are not added to any general marketing list.
j. What we do NOT collect
We deliberately do not collect analytics data, marketing or advertising tracking pixels, third-party cookies, phone numbers, physical addresses, or information about you from external sources.
4. How we use your information
We use the information we collect for these purposes only:
- To provide the service: processing your minute book, generating your report, delivering it to you, and storing it for your future reference
- To operate your account: authentication, account management, and service communication
- To bill you: processing subscriptions through Stripe
- To meet our security obligations: maintaining the audit log, monitoring for abuse, responding to incidents
- To comply with legal obligations: if we receive a valid legal order requiring disclosure
- To improve the service: in aggregated, anonymized form only — never using identifiable personal information from your uploads
We do not use your minute books or reports to train AI models. See Section 5 for the contractual posture governing our AI service provider.
We do not sell your personal information. We do not share it for advertising purposes.
5. Third-party service providers
Clerke uses a small number of carefully selected service providers to deliver the service. We share personal information with these providers only to the extent necessary for them to perform their function. Each is bound by contract to handle your information in accordance with applicable privacy laws.
| Service provider | Role | What they receive |
|---|---|---|
| Anthropic, PBC (United States) | AI processing | The contents of your uploaded minute book and the prompt instructing how to analyze it; when you use AI extraction on an entity document, the contents and the relevant extraction prompt. Clerke accesses Anthropic's API under Anthropic's Commercial Terms, which prohibit Anthropic from using customer inputs or outputs to train models. Clerke is also pursuing a Zero Data Retention addendum. |
| Supabase (Montreal, Canada) | Authentication, database, file storage | Your account information, uploaded files (until deletion), generated reports, audit logs. |
| Stripe (US/Canada) | Payment processing | Your billing information and payment details (entered directly into Stripe). We do not see card numbers. |
| Vercel (US, Canadian edge regions) | Frontend hosting | Standard server access logs (no upload contents). |
Amazon Web Services (Montreal, Canada — ca-central-1) | Transactional email delivery (SES) | Outbound email addresses and message contents for service emails (signing links, password resets, etc.). |
A current and authoritative list is maintained at clerke.io/subprocessors.
Cross-border data transfer: AI processing of your minute book happens on servers operated by Anthropic in the United States; payment processing involves Stripe infrastructure in the United States and Canada. By using Clerke, you consent to these transfers. Personal information sent outside Canada is subject to the laws of the country where it is processed.
The parts of the service Clerke directly controls — account data, uploaded files, reports, audit logs, and transactional email — are hosted in Canada.
Other disclosure: We will disclose personal information without your consent only if required by law or to protect the rights, property, or safety of Clerke, our users, or others.
6. Where your information is stored
The following data resides in Canadian data centres (Montreal, ca-central-1): account information, uploaded files, generated reports, entity records, generated documents, signed PDFs, audit logs, and outbound transactional email metadata.
The following data is processed on US-based infrastructure: minute book contents during AI processing by Anthropic (governed by Anthropic's Commercial Terms, which prohibit training on customer content); payment information held by Stripe.
7. How long we keep your information
- Uploaded minute book PDFs (one-time review path): automatically deleted shortly after report generation, in any case within 24 hours, unless you save the entity to your account.
- Entity records and entity-document uploads: retained while the entity remains in your account. You may delete any record or document at any time.
- Generated documents and signatures: retained for as long as the underlying entity remains in your account. Once signed, the audit row cannot be modified.
- Pending external-signing links: expire 14 days after issuance and are single-use. Expired or consumed links are retained alongside the document for audit completeness.
- Pre-launch interest leads: retained until we contact you about the relevant product, or for 24 months, whichever comes first.
- Generated reports: kept indefinitely on your behalf. You may request deletion at any time using the details in Section 13.
- Account information: retained while your account is active. You may request deletion at any time using the details in Section 13.
- Audit logs: 12 months.
- Server logs: approximately 30 days.
- Billing records: 7 years from the date of the transaction, per Canadian tax record-keeping requirements.
8. How we protect your information
- Encryption in transit: TLS 1.2 or higher.
- Encryption at rest: AES-256 by our hosting provider.
- Authentication: verified email address and password.
- Access controls: database-enforced row-level security; internal access by Clerke personnel is limited and logged.
- Audit logging: all significant actions recorded.
- Server-side validation: uploads validated server-side before processing.
- Source-file deletion: uploaded PDFs deleted shortly after processing.
- Vendor due diligence: service providers selected for security posture and bound by contract.
If we become aware of a security incident affecting your personal information that creates a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada in accordance with PIPEDA's breach notification requirements.
9. Your rights
Under PIPEDA and BC PIPA, you have the right to:
- Access the personal information we hold about you
- Correct information that is inaccurate or incomplete
- Withdraw your consent to our processing, subject to legal and contractual restrictions and reasonable notice
- Delete your account and all associated personal information
- Lodge a complaint with the Office of the Privacy Commissioner of Canada (priv.gc.ca) or, if you are a BC resident, the Office of the Information and Privacy Commissioner for BC (oipc.bc.ca)
To exercise any of these rights, contact us using the details in Section 13. We will respond to verified requests within 30 days. We do not charge a fee for standard access or correction requests.
10. Cookies
Clerke uses only essential, first-party cookies required for authentication. We do not use third-party cookies, marketing tracking, or analytics. Because we use only strictly necessary cookies, no cookie consent banner is required under Canadian privacy law.
11. Intended audience
Clerke is a professional tool intended for paralegals, lawyers, and corporate professionals. The Clerke Terms of Service require users to be at least 18 years of age. We do not knowingly collect personal information from individuals under 18.
12. Changes to this policy
We may update this policy from time to time. The "Last Updated" date at the top of this policy will indicate when it was last changed. For material changes, we will notify users by email and through a notice in the service before the change takes effect.
13. How to contact us
For privacy-related questions, requests, or complaints:
Email: privacy@clerke.io
Clerke has designated a Privacy Officer responsible for compliance with this policy. To reach them, use the email above.